Security Specialist Banking Distribution

Our client is a financial service provider for 7.1 million customers in 40 countries, you know already. Our Red Team works for all the locations of our client in all these countries.
Do you also know that we are working together on a better world? We do this in 101 ways like for example our knowledge and experience of Ethical Hacking and Red Teaming sharing with other organizations and "hackers". That belongs to us at ' growing a better world together

Within client's Distribution we develop the online touchpoints of our customers. We facilitate that customers can open accounts, transfer money, get insights in their financials and can use all kind of other services we have to offer them. Of course this needs to be done in a secure fashion. We cannot afford data breaches or unavailability of our channels. That’s why we are looking for security specialists: to support our teams in secure engineering and to execute the required security tests.

Our vision is that our DevOps teams are as autonomous as possible. They build and run their own software, whether that is a self-made Java application running in the cloud or an integrated SaaS or PaaS solution. This includes design, performance testing, releasing and maintaining the software in production. However, for security testing we today fully depend on the Rabobank Cyber Defence Center (CDC), in particular for pentesting. The CDC does vulnerability scans and executes the required pentests for the teams. Our ambition is to bring this capability closer to the DevOps teams. Aiming on raising awareness and knowledge on secure engineering, more automation of security tests and in the end more autonomy for the teams.

Your role: As a Security Specialist you will work in close collaboration with our DevOps teams and with the CDC. You execute the required security tests for the teams and use the standards, best practices and tools the CDC has in place for this. You report the vulnerabilities you have found to the relevant development teams, but are also able to advise teams about how to remediate findings.

Next to that you will work together with the CDC and the DevOps teams to raise the knowledge level of the teams on secure engineering. Part of this is setting up the right tooling for the teams to automate activities where possible. So that the teams get less dependent on you or the CDC for their day to day work.
In this role we not only expect you to show us your best skills, but also to guide our teams, bring structure where needed and have an eye for overall quality. You are both hands on when it comes to executing security tests, as well as have the consultancy skills to bring our security practices to a higher level.

Communication, critical thinking and problem solving are essential skills for this role. In addition, it's important that you recognise yourself in the checklist below:

• 7+ years experience in the area of security testing;
• Experience with both front end and back end technology, as well as cloud;
• Relevant working experience in financial sector (or similar);
• Demonstrated ability to follow best practices;
• Ability to train, challenge and coach teams you work with;
• Fluent English is a must.

• On top of that you can also count on us (based on a 36-hour working week):
• A thirteenth month and holiday money;
• An Employee Benefit Budget (10% of your monthly income). How you bet this budget is up to you. Consider buying extra holiday days or an additional deposit in your pension;
• Relatively high flexibility in working hours and location independent work, depending on the planning in the team;
• 100% reimbursement of commuting if you travel with ov! Anyway with car or motorbike?

Then choose a commuting fee;

• A pension scheme that you only contribute 5% to.